The Department of Homeland Security is touting its “most successful cybersecurity hiring initiative” ever after bringing on nearly 300 pros, with job offers extended to 500 more.
It’s a figure significantly higher than the goal of 200 hires established under a two-month “Cybersecurity Workforce Sprint.”
But it’s also still just a dent, going 12% of the way toward filling the more than 2,000 vacancies, by DHS’s own accounting.
“DHS is dedicating significant energy toward exceeding our cybersecurity hiring goal by recruiting talented experts, investing in diverse talent pipelines, and ensuring equitable access to professional development opportunities at every level,” DHS Secretary Alejandro Mayorkas said in a news release late Thursday. “While I am proud of the progress we have made to date, we still have more work to do.”
It’s been a long, slow climb for DHS to bring on cyber personnel, but the “sprint” is the latest sign of progress following years of criticism. The Cybersecurity and Infrastructure Security Agency has reportedly hired more people in the first six months of this year than in the last two years combined.
In 2014, Congress gave DHS authorities to more swiftly hire cybersecurity personnel. Seven years later — with then-Vice President Joe Biden since taking over as commander-in-chief — DHS is scheduled in September to implement the Cybersecurity Talent Management System.
DHS plans to use the system to hire 150 more cyber personnel by the end of the current fiscal year, and 150 more in fiscal 2022, according to budget documents.
As of 2019, DHS had 14,000 employees performing at least some cybersecurity functions, according to an inspector general report.
That same report faulted the department for not filing congressionally-required annual cybersecurity workforce strategies.
“Without a complete workforce assessment and strategy, DHS is not well positioned to carry out its critical cybersecurity functions in the face of ever-expanding cybersecurity threats,” the report states. “Lacking an assessment, DHS cannot provide assurance that it has the appropriate skills, competencies, and expertise positioned across its components to address the multifaceted nature of DHS’ cybersecurity work.”
Besides the 2014 authorities, Congress has also tried to give DHS other tools to improve its cybersecurity recruitment. Lawmakers recently revived efforts to create a federal rotational program for private-sector cybersecurity experts, under which they could serve for a stretch at federal agencies before returning to their regular gigs.